Snapchat source code leaked and posted to GitHub

Source code for what is believed to be a small part of Snapchat’s iOS application was posted on GitHub after being leaked back in May. After being notified, Snap Inc., Snapchat’s parent company, immediately filed a DMCA request to GitHub to get the code removed.

A copy of the request was found by a ‘security researcher’ tweeting from the handle @x0rz, who shared a link to a copy of the request on GitHub:

The initial leak back in May was caused by an update to the Snapchat iOS application. A spokesperson for Snap Inc. explained to CNET:

“An iOS update in May exposed a small amount of our source code and we were able to identify the mistake and rectify it immediately… We discovered that some of this code had been posted online and it has been subsequently removed. This did not compromise our application and had no impact on our community.”

This code was then published by a someone using the name Khaled Alshehri, believed to be based in Pakistan, on GitHub. The repository created – called Source-SnapChat – has now been taken down.

A number of posts linked to the GitHub account suggests that the leaker had tried to contact Snapchat but had been ignored. “I will post it again until I get a reply” they said.

Leaked Snapchat code is still being traded privately

Now the code is out in the wild it will take more than a DMCA request to get things under control. Although it would appear the leaked code isn’t substantial enough to give much away to potential cybercriminals, it’s likely that Snapchat is now working hard to make the changes required to tighten its security.